I have an email address I use for my domain. And I’ve been getting a ton of spam, which I considered was because the email address is posted on the webpage. However, today I went in and started looking at the Full headers for the emails, and Almost everyone of the emails is directed at some nonexistant email address. Now, normally, Dreamhost deletes emails delivered to a non-existant email address, right? Unless you have catch-all setup, right? Well, I also have catch-all@domain.com setup on my domain, just in case I need to get to something that went to the wrong address. However, it’s not set to forward anything.

So why would my main email address be receiving emails directed at these non-existant addresses? The Full headers can’t be spoofed, can they? If they say that the mail-to address is bob@domain.com, then that’s what the email will go to, right? It shouldn’t ACTUALLY be going to frank@domain.com, should it?

Like I obviously expect some spam…but I don’t want anymore than I have to receive(Currently about 50 a day). If I could figure out why these are being delivered to me when they aren’t being sent to me, that would help a lot.

I think you are misunderstanding the terminology with “catch-all” and “forwarding”. All catch-all’s do *something, even if it is just to send the stuff to “delete” or “delete with bounce” or “deliver to this mailbox”, or “forward”, etc…

Per your description of why you set up a catch-all in the first place (to keep from missing “mis-addressed mail”), your catch all seems to be doing exactly what you intended (so much so, you are now seeing the results - lots of spam to “garbage” addresses at your domain.)

If you go to the Control Panel->mail->Manage addresses and carefully read the “set-up” text for “catch-all”. You will find that it is set to “deliver to this address”, in addition to the options to forward. It sounds as though you have the catch all set up to deliver to your main mail account.

If you don’t want the spam, you should disable the catch-all: any way you set it up (except “delete without bounce”, you will see stuff in your box (unless you set it up to “forward” only - in which case your “target” will get it all) - either the mail, or the “bounce messages”…

I’m perfectly clear of the definition of forwarding as pertains to the email system on dreamhost. There is an option to forward to another mail address, or deliver to “this mailbox” and this mailbox is a new mailbox. The catch-all is setup to deliver the mail to it’s own mailbox. IT has no attachment whatsoever to the other address. The box that says “will be delivered to these email addresses:” is empty. There should be no reason why it would be getting to the other mailbox.

I may just lose the catch-all afterall. But I’d still like to know where the problem lies…because it shouldn’t be happening.

The spammer might have gotten smart, and BCC’d your actual address. So bob@domain.com bounces or, in your case gets swallowed by the catch all, and frank@domain.com gets snuck into the BCC field where you won’t see it, but the server does. So in that regard, on your end at least, yes the headers can be spoofed. I’m almost wondering if you should look for similar addresses in the to field in both your mailboxes. Squirrelmail should, I believe, provide you an opportunity to search your catch all box for that particular address. Alternatively you can always, though I cringe to think of it, download the contents of your catch all to your hard drive, and create a mail filter looking for specific addresses. It’s the hard way to do it, but it’ll tell you if that’s the tactic they’re using.